4987 matches found
IBM Maximo Asset Management Information Disclosure Vulnerability
IBM Maximo Asset Management is a suite of IT asset management solutions from IBM USA. An information disclosure vulnerability exists in IBM Maximo Asset Management. It allows remote authenticated users to access sensitive information via a REST API...
Linux/x86-64 - Bindshell 4444/TCP with Password Prompt Shellcode (162 bytes)
/--------------------------------------------------------------------------------------------------------------------- / Title: tcp bindshell with password prompt in 162 bytes Author: Sathish kumar Contact: https://www.linkedin.com/in/sathish94 Description: x64 Linux bind TCP port shellcode on po...
A step-by-step learn the ROP of the Android ARM 3 2-vulnerability warning-the black bar safety net
ROP stands for Return-oriented programming return-oriented programming this is an advanced memory attack techniques that can be used to bypass the modernoperating systema variety of common defenses such as the memory is not performed and code signing. Before we mainly discussed on linux in this...
Cisco Hosted Collaboration Mediation Fulfillment SOAP API Sensitive Information Disclosure Vulnerability
A vulnerability in the Simple Object Access Protocol SOAP application programming interface API of the Cisco Hosted Collaboration Mediation Fulfillment application could allow an authenticated, remote attacker to obtain sensitive information that should be restricted. The attacker must authentica...
Microsoft Windows PGM UAF Elevation of Privilege Vulnerability
Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in the Microsoft Windows Programming Generic Multicast PGM protocol. A local attacker could exploit the vulnerability to execute code using elevated...
0d1n - Tool For Automating Customized Attacks Against Web Applications
Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. You can do: brute force passwords in auth forms directory disclosure use PATH list to brute, and find HTTP status code test list on input to find SQL Injection and XSS vulnerabilities To run: require libcurl-dev or...
applican vulnerable to script injection
Overview applican provided by Newphoria Corporation Inc. is a platform to build hybrid applications for both iOS and Android. applican is vulnerable to script injection due to an issue in proccessing URL. Note that this vulnerability is different from JVN71088919. Kenta Suefusa and Tomonori Shiom...
Latest EMET Bypass Targets WoW64 Windows Subsystem
Backwards compatibility, a necessary evil for Microsoft in its need to support so many legacy applications on Windows, may be its undoing as researchers have found a way to exploit this layer in the operating system to bypass existing mitigations against memory-based exploits. Specifically in thi...
Incredible! Someone Just Hacked 10,000 Routers to Make them More Secure
Has anyone ever heard about a "Vigilante-style Hacker," who hacks every possible system to make them more Secure? No. It's not funny, neither a movie story: Reportedly, someone is hacking thousands unprotected Wi-Fi routers everywhere and apparently forcing owners to make them more Secure. Securi...
[SECURITY] Fedora 21 Update: golang-1.5.1-0.fc21
The Go Programming Language...
[SECURITY] Fedora 22 Update: golang-1.5.1-0.fc22
The Go Programming Language...
SMF (Simple Machine Forum) 2.0.10 Remote Memory Exfiltration
!/usr/bin/python -- coding: iso-8859-15 -- Title: SMF Simple Machine Forum Filippo Roncari Truel Lab http://lab.truel.it Requirements: SMF = 2.0.10 PHP = 5.6.11 / 5.5.27 / 5.4.43 Advisories: TL-2015-PHP04 http://lab.truel.it/d/advisories/TL-2015-PHP04.txt TL-2015-PHP06...
Vulnerability in Newphoria MEGAPHONE MUSIC application
Newphoria MEGAPHONE MUSIC application for Android and iOS is a suite of music player applications based on the Android and iOS platforms from Newphoria Japan. A security vulnerability exists in the Newphoria MEGAPHONE MUSIC application for Android and iOS. The vulnerability can be exploited by an...
OpenShift: Malformed JSON can cause API process crash
It was found that improper error handling in the API server could cause the master process to crash. A user with network access to the master could use this flaw to crash the master process...
Cool player 2.19 Buffer Overflow Exploit
Exploit for windows platform in category local exploits AJITH KP @ajithkp560 Cool player 2.19 Buffer Overflow Video: https://www.youtube.com/watch?v=LobRjDom3w&feature=youtu.be junk = b'A' 253 eip = b'\x53\x93\x42\x7E' nops = '\x90' 5 buf =...
Hack Codegen - Facebook Open-Sources Code That Writes Code
Good news for Open Source Lovers! Facebook has open-sourced Hack Codegen – its library for automatically generating Hack code, allowing outside developers to automate some of their routine work while developing large programs. HACK is the Facebook's own programming language designed to build...
Here's Top 10 Popular Programming Languages used on GitHub
Open Source is the Future of the computer science world! On Wednesday, the popular coding website GitHub shared a graph that gives a closer look at the popularity of different programming languages used on its code sharing website that lets anyone edit, store, and collaborate on software code...
Debian Security Advisory DSA 3339-1 (openjdk-6 - security update)
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography. OpenVAS Vulnerability Test $Id: deb3339.nasl 660...
Easy File Management Web Server 5.6 Buffer Overflow
!/usr/bin/python Exploit Title: Easy File Management Web Server v5.6 - USERID Remote Buffer Overflow Version: 5.6 Date: 2015-08-17 Author: Tracy Turben [email protected] Software Link: http://www.efssoft.com/ Tested on: Win7x32-EN Special Thanks To: Julien Ahrens for the crafted jmp esp Trick...
[SECURITY] Fedora 22 Update: golang-1.4.2-3.fc22
The Go Programming Language...